Solved

Windows Time Server

Posted on 2014-11-05
6
103 Views
Last Modified: 2014-12-16
One of our NTP time servers is a standalone physical server. It gets its time from external time sources. This server is being replaced by a server which will be joined to our active directory.  I realize all computers joined to a domain get their network time from the Domain Controllers. Hopefully it can still be used as a network time server.

Unfortunately our time clients are configured with an IP address instead of a dns name. The replacement server will inherit the old server's IP address so changes to the client's time config should not be needed.

Can this new server (joined to the AD) still be configured to go the internet to get time and act as a time server?  

The old server is Windows 2003 sp2 stand alone.  New server is Windows 2008 R2.
0
Comment
Question by:epmmis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 34

Expert Comment

by:it_saige
ID: 40425354
It can, but as you stated domain computers are configured, by default, to obtain their time source from the Domain Hierarchy.  This domain time source is recommended to be the PDC Emulator.  Otherwise, you can configure group policies so that the domain computers can get their time from a different source, in this case, the time server will be treated as an external time source.

-saige-
0
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 40425956
To be even more specific... the PDC FSMO holder should  be configured to be the only DC to go to an external (reliable) time source.  All other DCs (FSMO holder or not) reference the PDC Role holder as a trust time device.  Then all domain joined clients use the DC infrastructure to get time.

You need to manually configure your PDC Role holder, reference link below:

http://technet.microsoft.com/en-us/library/cc784553(v=ws.10).aspx

I agree with it_saige that you could update your desktops/laptops/workstations with a GPO but as for other devices that pull time via IP, those should be pointed to the DC which holds the PDC FSMO.

As a 2nd option, you could DCPromo the replacement server and then transfer the PDC Role to it.  Then follow the instructions in the link above to configure the PDC Role holder as a reliable time source for the domain.  But I do not know what your domain looks like, how your network is setup or where all the DC exist on the network.

Dan
0
 

Author Comment

by:epmmis
ID: 40426782
I am sorry did not make my request clear.  The domain will continue to use the PDC emulator DC to get their time.  This is not an attempt to change how the domain processes time.

This new server will be the time source for other physical servers, such as my linux servers.  My domain controllers (and most of my AD) is virtualized.  It is best the physical host servers and my linux servers get their time from a physical server independent of the virtualize domain controllers.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 34

Assisted Solution

by:it_saige
it_saige earned 250 total points
ID: 40426828
My post may have been overcomplicated.  In short, yes, you can do whay you want.

-saige-
0
 
LVL 34

Expert Comment

by:it_saige
ID: 40426908
I might add, though, since you are implementing (or redeploying) your own time server, that already connects to an external time source, there is nothing that states that your PDC emulator cannot use this server as it's external time source.  This might also be a best practice so that you do not request time updates too frequently from your external source(s).

-saige-
0
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 250 total points
ID: 40427023
I agree with it_saige.  If this redeployed server is configured as a trusted time source, you can point the PDC Holder to that device.  This also allows you to reduce the outbound NTP traffic and limit it to only this physical server.

BTW, external time source refers to a device providing reliable NTP services, that is not contained within the PDC holder server.  The external time source can easily be an NTP device on the internal network.

Whether or not your reliable NTP server is inside of outside your network, in no way dictates the frequency of time update requests.  The frequency of updates is dictated by the configuration of the service making the requests.

Dan
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question